--- description: Controlling and configuring Docker using systemd keywords: docker, daemon, systemd, configuration redirect_from: - /engine/articles/systemd/ - /articles/systemd/ - /engine/admin/systemd/ title: Control Docker with systemd --- Many Linux distributions use systemd to start the Docker daemon. This document shows a few examples of how to customize Docker's settings. ## Start the Docker daemon ### Start manually Once Docker is installed, you need to start the Docker daemon. Most Linux distributions use `systemctl` to start services. If you do not have `systemctl`, use the `service` command. - **`systemctl`**: ```bash $ sudo systemctl start docker ``` - **`service`**: ```bash $ sudo service docker start ``` ### Start automatically at system boot If you want Docker to start at boot, see [Configure Docker to start on boot](../../engine/install/linux-postinstall.md#configure-docker-to-start-on-boot). ## Custom Docker daemon options There are a number of ways to configure the daemon flags and environment variables for your Docker daemon. The recommended way is to use the platform-independent `daemon.json` file, which is located in `/etc/docker/` on Linux by default. See [Daemon configuration file](../../engine/reference/commandline/dockerd.md#daemon-configuration-file). You can configure nearly all daemon configuration options using `daemon.json`. The following example configures two options. One thing you cannot configure using `daemon.json` mechanism is a [HTTP proxy](#http-proxy). ### Runtime directory and storage driver You may want to control the disk space used for Docker images, containers, and volumes by moving it to a separate partition. To accomplish this, set the following flags in the `daemon.json` file: ```none { "data-root": "/mnt/docker-data", "storage-driver": "overlay2" } ``` ### HTTP/HTTPS proxy The Docker daemon uses the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environmental variables in its start-up environment to configure HTTP or HTTPS proxy behavior. You cannot configure these environment variables using the `daemon.json` file. This example overrides the default `docker.service` file. If you are behind an HTTP or HTTPS proxy server, for example in corporate settings, you need to add this configuration in the Docker systemd service file. > **Note for rootless mode** > > The location of systemd configuration files are different when running Docker > in [rootless mode](../../engine/security/rootless.md). When running in rootless > mode, Docker is started as a user-mode systemd service, and uses files stored > in each users' home directory in `~/.config/systemd/user/docker.service.d/`. > In addition, `systemctl` must be executed without `sudo` and with the `--user` > flag. Select the _"rootless mode"_ tab below if you are running Docker in rootless mode.
1. Create a systemd drop-in directory for the docker service: ```bash sudo mkdir -p /etc/systemd/system/docker.service.d ``` 2. Create a file named `/etc/systemd/system/docker.service.d/http-proxy.conf` that adds the `HTTP_PROXY` environment variable: ```conf [Service] Environment="HTTP_PROXY=http://proxy.example.com:80" ``` If you are behind an HTTPS proxy server, set the `HTTPS_PROXY` environment variable: ```conf [Service] Environment="HTTPS_PROXY=https://proxy.example.com:443" ``` Multiple environment variables can be set; to set both a non-HTTPS and a HTTPs proxy; ```conf [Service] Environment="HTTP_PROXY=http://proxy.example.com:80" Environment="HTTPS_PROXY=https://proxy.example.com:443" ``` 3. If you have internal Docker registries that you need to contact without proxying you can specify them via the `NO_PROXY` environment variable. The `NO_PROXY` variable specifies a string that contains comma-separated values for hosts that should be excluded from proxying. These are the options you can specify to exclude hosts: * IP address prefix (`1.2.3.4`) * Domain name, or a special DNS label (`*`) * A domain name matches that name and all subdomains. A domain name with a leading "." matches subdomains only. For example, given the domains `foo.example.com` and `example.com`: * `example.com` matches `example.com` and `foo.example.com`, and * `.example.com` matches only `foo.example.com` * A single asterisk (`*`) indicates that no proxying should be done * Literal port numbers are accepted by IP address prefixes (`1.2.3.4:80`) and domain names (`foo.example.com:80`) Config example: ```conf [Service] Environment="HTTP_PROXY=http://proxy.example.com:80" Environment="HTTPS_PROXY=https://proxy.example.com:443" Environment="NO_PROXY=localhost,127.0.0.1,docker-registry.example.com,.corp" ``` 4. Flush changes and restart Docker ```bash sudo systemctl daemon-reload sudo systemctl restart docker ``` 5. Verify that the configuration has been loaded and matches the changes you made, for example: ```bash sudo systemctl show --property=Environment docker Environment=HTTP_PROXY=http://proxy.example.com:80 HTTPS_PROXY=https://proxy.example.com:443 NO_PROXY=localhost,127.0.0.1,docker-registry.example.com,.corp ```
1. Create a systemd drop-in directory for the docker service: ```bash mkdir -p ~/.config/systemd/user/docker.service.d ``` 2. Create a file named `~/.config/systemd/user/docker.service.d/http-proxy.conf` that adds the `HTTP_PROXY` environment variable: ```conf [Service] Environment="HTTP_PROXY=http://proxy.example.com:80" ``` If you are behind an HTTPS proxy server, set the `HTTPS_PROXY` environment variable: ```conf [Service] Environment="HTTPS_PROXY=https://proxy.example.com:443" ``` Multiple environment variables can be set; to set both a non-HTTPS and a HTTPs proxy; ```conf [Service] Environment="HTTP_PROXY=http://proxy.example.com:80" Environment="HTTPS_PROXY=https://proxy.example.com:443" ``` 3. If you have internal Docker registries that you need to contact without proxying, you can specify them via the `NO_PROXY` environment variable. The `NO_PROXY` variable specifies a string that contains comma-separated values for hosts that should be excluded from proxying. These are the options you can specify to exclude hosts: * IP address prefix (`1.2.3.4`) * Domain name, or a special DNS label (`*`) * A domain name matches that name and all subdomains. A domain name with a leading "." matches subdomains only. For example, given the domains `foo.example.com` and `example.com`: * `example.com` matches `example.com` and `foo.example.com`, and * `.example.com` matches only `foo.example.com` * A single asterisk (`*`) indicates that no proxying should be done * Literal port numbers are accepted by IP address prefixes (`1.2.3.4:80`) and domain names (`foo.example.com:80`) Config example: ```conf [Service] Environment="HTTP_PROXY=http://proxy.example.com:80" Environment="HTTPS_PROXY=https://proxy.example.com:443" Environment="NO_PROXY=localhost,127.0.0.1,docker-registry.example.com,.corp" ``` 4. Flush changes and restart Docker ```bash systemctl --user daemon-reload systemctl --user restart docker ``` 5. Verify that the configuration has been loaded and matches the changes you made, for example: ```bash systemctl --user show --property=Environment docker Environment=HTTP_PROXY=http://proxy.example.com:80 HTTPS_PROXY=https://proxy.example.com:443 NO_PROXY=localhost,127.0.0.1,docker-registry.example.com,.corp ```
## Configure where the Docker daemon listens for connections See [Configure where the Docker daemon listens for connections](../../engine/install/linux-postinstall.md#control-where-the-docker-daemon-listens-for-connections). ## Manually create the systemd unit files When installing the binary without a package, you may want to integrate Docker with systemd. For this, install the two unit files (`service` and `socket`) from [the github repository](https://github.com/moby/moby/tree/master/contrib/init/systemd) to `/etc/systemd/system`.